Security News
GitHub Removes Malicious Pull Requests Targeting Open Source Repositories
GitHub removed 27 malicious pull requests attempting to inject harmful code across multiple open source repositories, in another round of low-effort attacks.
@ethereum-attestation-service/contracts
Advanced tools
The Ethereum Attestation Service is a free and open protocol for on-chain attestations on EVM compatible blockchains. It is a generalized service that allows anyone to register a schema for their particular use case, and then make attestations following their schema.
Schemas can be registered using the SchemaRegistry.sol
contract, and attestations are made using the EAS.sol
contract.
In addition, we provide a resolver contract for advanced use cases, such as on-chain verification of attestation data, and also attaching payments to attestations (which makes a new suite of powerful web3 applications possible).
We also provide an SDK for developers.
On-chain attestations will enable a powerful new range of web3 applications, including:
yarn install @ethereum-attestation-service/contracts
Testing the protocol is possible via multiple approaches:
You can run the full test suite via:
yarn test
You can test new deployments (and the health of the network) against a mainnet fork via:
yarn test:deploy
Please make sure to properly configure your Tenderly settings via .env
.
This will automatically be skipped on an already deployed and configured deployment scripts and will only test the additional changeset resulting by running any new/pending deployment scripts and perform an e2e test against the up to date state. This is especially useful to verify that any future deployments and upgrades, suggested by the DAO, work correctly and preserve the integrity of the system.
------------------------------|----------|----------|----------|----------|----------------|
File | % Stmts | % Branch | % Funcs | % Lines |Uncovered Lines |
------------------------------|----------|----------|----------|----------|----------------|
contracts/ | 100 | 100 | 100 | 100 | |
EAS.sol | 100 | 100 | 100 | 100 | |
EIP712Verifier.sol | 100 | 100 | 100 | 100 | |
IEAS.sol | 100 | 100 | 100 | 100 | |
IEIP712Verifier.sol | 100 | 100 | 100 | 100 | |
ISchemaRegistry.sol | 100 | 100 | 100 | 100 | |
SchemaRegistry.sol | 100 | 100 | 100 | 100 | |
Types.sol | 100 | 100 | 100 | 100 | |
contracts/resolver/ | 100 | 100 | 100 | 100 | |
ISchemaResolver.sol | 100 | 100 | 100 | 100 | |
SchemaResolver.sol | 100 | 100 | 100 | 100 | |
contracts/resolver/examples/ | 100 | 100 | 100 | 100 | |
AttestationResolver.sol | 100 | 100 | 100 | 100 | |
AttesterResolver.sol | 100 | 100 | 100 | 100 | |
DataResolver.sol | 100 | 100 | 100 | 100 | |
ExpirationTimeResolver.sol | 100 | 100 | 100 | 100 | |
PayingResolver.sol | 100 | 100 | 100 | 100 | |
RecipientResolver.sol | 100 | 100 | 100 | 100 | |
RevocationResolver.sol | 100 | 100 | 100 | 100 | |
TokenResolver.sol | 100 | 100 | 100 | 100 | |
ValueResolver.sol | 100 | 100 | 100 | 100 | |
------------------------------|----------|----------|----------|----------|----------------|
All files | 100 | 100 | 100 | 100 | |
------------------------------|----------|----------|----------|----------|----------------|
In order to audit the test coverage of the full test suite, run:
yarn test:coverage
You can profile the gas costs of all of the user-focused flows via:
yarn test:profile
The contracts have built-in support for deployments on different chains and mainnet forks. You can deploy the project by:
yarn deploy
There’s also a special deployment mode which deploys the protocol to a mainnet fork, with additional goodies. It can be run via:
yarn deploy:fork
The framework was inspired and adopted from Bancor V3.
EAS is open source and distributed under the MIT License (see LICENSE
).
FAQs
Ethereum Attestation Service
The npm package @ethereum-attestation-service/contracts receives a total of 0 weekly downloads. As such, @ethereum-attestation-service/contracts popularity was classified as not popular.
We found that @ethereum-attestation-service/contracts demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
GitHub removed 27 malicious pull requests attempting to inject harmful code across multiple open source repositories, in another round of low-effort attacks.
Security News
RubyGems.org has added a new "maintainer" role that allows for publishing new versions of gems. This new permission type is aimed at improving security for gem owners and the service overall.
Security News
Node.js will be enforcing stricter semver-major PR policies a month before major releases to enhance stability and ensure reliable release candidates.